const express = require('express');
const router = express.Router();
const adminService = require('../../services/adminService');
const adminAuth = require('../../middleware/adminAuth');
const { checkPermission } = require('../../middleware/permission');

/**
 * 获取管理员列表
 */
router.get('/', adminAuth, checkPermission('admin', 'read'), async (req, res) => {
  try {
    const {
      page = 1,
      limit = 20,
      search,
      status,
      roleId
    } = req.query;

    const result = await adminService.getAdminList({
      page: parseInt(page),
      limit: parseInt(limit),
      search,
      status,
      roleId: roleId ? parseInt(roleId) : undefined
    });

    res.json({
      success: true,
      data: result
    });
  } catch (error) {
    res.status(500).json({
      success: false,
      message: '获取管理员列表失败',
      error: error.message
    });
  }
});

/**
 * 获取管理员详情
 */
router.get('/:id', adminAuth, checkPermission('admin', 'read'), async (req, res) => {
  try {
    const adminId = parseInt(req.params.id);
    const admin = await adminService.getAdminById(adminId);

    res.json({
      success: true,
      data: admin
    });
  } catch (error) {
    res.status(404).json({
      success: false,
      message: error.message
    });
  }
});

/**
 * 创建管理员
 */
router.post('/', adminAuth, checkPermission('admin', 'create'), async (req, res) => {
  try {
    const { username, email, phone, password, realName, roleIds } = req.body;

    // 验证必填字段
    if (!username || !password) {
      return res.status(400).json({
        success: false,
        message: '用户名和密码不能为空'
      });
    }

    if (password.length < 6) {
      return res.status(400).json({
        success: false,
        message: '密码长度不能少于6位'
      });
    }

    const admin = await adminService.createAdmin({
      username,
      email,
      phone,
      password,
      realName,
      roleIds
    }, req.adminId);

    res.status(201).json({
      success: true,
      message: '管理员创建成功',
      data: {
        id: admin.id,
        username: admin.username,
        email: admin.email,
        realName: admin.realName
      }
    });
  } catch (error) {
    res.status(400).json({
      success: false,
      message: error.message
    });
  }
});

/**
 * 更新管理员信息
 */
router.put('/:id', adminAuth, checkPermission('admin', 'update'), async (req, res) => {
  try {
    const adminId = parseInt(req.params.id);
    const { username, email, phone, realName, status, roleIds } = req.body;

    await adminService.updateAdmin(adminId, {
      username,
      email,
      phone,
      realName,
      status,
      roleIds
    }, req.adminId);

    res.json({
      success: true,
      message: '管理员信息更新成功'
    });
  } catch (error) {
    res.status(400).json({
      success: false,
      message: error.message
    });
  }
});

/**
 * 重置管理员密码
 */
router.put('/:id/password', adminAuth, checkPermission('admin', 'update'), async (req, res) => {
  try {
    const adminId = parseInt(req.params.id);
    const { newPassword } = req.body;

    if (!newPassword) {
      return res.status(400).json({
        success: false,
        message: '新密码不能为空'
      });
    }

    if (newPassword.length < 6) {
      return res.status(400).json({
        success: false,
        message: '密码长度不能少于6位'
      });
    }

    await adminService.resetPassword(adminId, newPassword, req.adminId);

    res.json({
      success: true,
      message: '密码重置成功'
    });
  } catch (error) {
    res.status(400).json({
      success: false,
      message: error.message
    });
  }
});

/**
 * 删除管理员
 */
router.delete('/:id', adminAuth, checkPermission('admin', 'delete'), async (req, res) => {
  try {
    const adminId = parseInt(req.params.id);
    
    await adminService.deleteAdmin(adminId, req.adminId);

    res.json({
      success: true,
      message: '管理员删除成功'
    });
  } catch (error) {
    res.status(400).json({
      success: false,
      message: error.message
    });
  }
});

module.exports = router;